The National Institute of Standards and Technology last month finished collecting comments on the latest version of its Recommendation for Key Management, Part 1 (Rev. 4), which offers guidance and best practices for generating and storing cryptographic keys.
This is the most recent effort by NIST to develop and maintain a government framework and standards for cryptographic key management. To comply with these standards and better manage cryptographic keys, agencies need a solid “crypto foundation.”
A crypto foundation is now more important than ever, because of cloud applications, mobile devices and virtual environments. Data is now often scattered throughout the infrastructure, exposing it to real risk. With a strong crypto foundation, you can secure data in many different environments while also managing your keys and other crypto resources.
There are four areas to consider when creating a crypto foundation:
- Crypto Processing and Acceleration — Managing the throughput of transactions and number of identities using the secure data.
- Key Storage — Securing the key(s) in hardware or software.
- Key Lifecycle Management — Managing crypto keys and following proper procedures in every step of the life cycle.
- Crypto Resource Management — Managing, deploying and reporting on cryptographic resources and defining access levels.
Crypto processing and acceleration
What kind of information are you now encrypting or need to encrypt in the future? Whatever that may be, you have to be sure that you use ciphers/algorithms that are comparable to current industry standards.
Elliptic curve cryptography, for example, yields strong keys while taking up very little memory. Make sure your key lengths have the right combination of protection and flexibility.
Workflow and applications are important as well — specifically, where encryption and decryption will take place. You may need to consider incorporating high-speed cryptographic processors to ensure the encryption will run where you want it, and at the speed you need it to run.
You can avoid processing logjams and boost system capacity by offloading and accelerating crypto operations. Consider a hardware security module (HSM) to move cryptographic processes from application servers. An HSM protects keys and objects separate from any attached host computer or network device.
Protecting cryptographic keys is vital to security. The keys you use and the way you should store them depend on how you will use them.
Depending on the value of your data and the variety of keys needing to be stored, you may choose to store your keys in hardware or software. For keys that protect highly sensitive data and applications, use a centralized, hardware-based approach.
Storing keys in hardware offers the highest levels of security assurance. Nothing ever enters or leaves the hardware, which protects keys from traditional network attacks. If the hardware is compromised, the keys simply zero out. (Both NIST’s Federal Information Processing Standard and the Common Criteria for Information Technology Security Evaluation require this level of key storage.)
To ensure appropriate key storage, put some space between the threats to your data and the threats to your keys. Code signing, certificate validation, transaction processing and Public Key Infrastructure all are ideal use cases for centralized key storage.
In some cases, cryptographic keys have to be closer to the data and applications they secure. Data in customer databases, for example, requires many keys moving across many applications. In that case, keys for sensitive data encryption may need to be stored within applications for efficiency and convenience. Distributed key storage may be a better choice.
Key lifecycle management
Successful key management is challenging, because it combines key generation, storage, distribution, rotation, revocation, suspension and termination procedures for devices and applications. Over time, many organizations have created complicated encryption policies to deploy and account for the huge number of keys required to secure data in their networks. These policies can lead to mismanagement and exposure of critical data.
For effective key management, keys should be following the distributed model. If you have a high volume, velocity and variety of keys, consider a centralized management system specifically for key management. This type of system will handle any key-related tasks and connect with other cryptographic systems or hardware.
Keys encrypt and decrypt vital data, so make sure key strength matches data sensitivity. The main things to keep in mind are the key length and how randomly unpredictable keys are produced. (The greater the key length, the stronger the encryption.)
Before distributing a key, it must be associated with a particular user, system, application or policy. This will determine how the key will be secured, and the method to secure it while in transit.
How you distribute keys depends on the type of cryptography you’re using. With symmetric key cryptography, secret keys must be securely exchanged between parties. Wrapping these keys prior to distribution can provide security as they travel through otherwise unsecure networks.
With public key cryptography, private keys must be stored securely, while public keys may be widely distributed. It’s important to differentiate access between the administrator creating the key and the person using it. By keeping these tasks separate, you’re more likely to keep unauthorized users from accessing confidential information.
Each of your keys should have a crypto period that can be changed as necessary. The longer you use the same key, the more likely that key may be compromised. By regularly rotating keys you can be sure that lost, stolen or copied keys can only be used for a short time. (When you rotate in a new key, remember to rekey the existing data. Decrypt your data and re-encrypt it with the new key. That will protect the data from being compromised by any older keys.)
Key backup and recovery is a big part of a Crypto Foundation. You need a way to restore keys if key storage is compromised. Without that backup plan, you may not be able to access encrypted data. Keep backup key copies in a secure storage mechanism, to efficiently restore keys and encrypt or re-encrypt data on a new key. The best practice is to use an offline storage container, like a FIPS validated card, appliance or token. Document concrete processes for handling key compromise.
Crypto resource management
Managing your crypto resources means having a consistent enforcement policy. The best approach is to use a single easy-to-use interface to administer, monitor and provision your cryptographic resources. Here are a few considerations:
- Deploy resources. Your organization probably has multiple stakeholders in the key management lifecycle. Maintain control of the cryptographic keys so that System Administrators and Security Officers can do their jobs without affecting the Application Owner’s responsibility for access and control over the keys. You’ll need a system to provision and de-provision cryptographic resources for hardware storage, and to automate client provisioning with levels of multi-tenant, tiered security administrator access.
- Configure policy. How many keys can be generated, and where they are stored? Continually update variables like back-up networks and users should be continually updated. Your policies should address how keys are used, and appropriate application and device access levels.
- Monitor and report. For correct levels of risk and security compliance, use automated and unified logging and reporting. Clearly define key ownership, and record and securely store any modifications. Proper monitoring shows how keys are used, and can point up failures in both the cryptographic devices and unmanaged end-points.
Of course, this is just an overview. Your own plan will depend how your organization uses sensitive data, the number of people who require access and how frequently that access happens. Still, a strong crypto foundation can be the defining factor in how well you can protect your important agency data, and you’ll need to address these four crypto foundation principles to comply with NIST’s standards for key management.